aws-lite icon indicating copy to clipboard operation
aws-lite copied to clipboard

Published 20 hours ago verified publisher icon architect

Presigned URLs

Open metadaddy opened this issue 1 year ago • 7 comments

First stab at presigned URLs.

Invoked just like a regular request, but include SignQuery: true and, optionally, additional parameters for aws4. Method returns a string containing the presigned URL rather than the response to the query.

For example, generate presigned URL with a lifetime of one hour:

url = await aws.S3.GetObject({
  Bucket: 'my-bucket',
  Key: 'aws-lite.txt',
  SignQuery: true,
  PresignedUrlExpires: 3600,
})

// https://my-bucket.s3.us-east-1.amazonaws.com/aws-lite.txt?X-Amz-Expires=3600&X-Amz-Date=20240201T213629Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXSRWQ36HL4DYYSGB%2F20240201%2Fus-west-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=afea02734775bd678875705abc1999ba7811fe5390d4ba4a295ea1261aed2c7f

Rationale for this approach: generating a presigned URL needs all the same processing as a request until the aws4.sign() call. The path of least resistance is to execute that same code path, then bail out after aws4.sign() with the resulting URL, rather than making the request.

I'm very open to suggestions of a better developer experience. Now that this is working, it should be straightforward to refactor to a different approach.

metadaddy avatar Feb 02 '24 00:02 metadaddy